Gamaredon Exploits Troop Movement Lures to Spread Remcos via DLL Sideloading
A new targeted malware campaign linked to the Russian state-aligned group Gamaredon is exploiting Windows shortcut (.LNK) files The post Gamaredon Exploits Troop Movement Lures to Spread Remcos via DLL...
View ArticleCVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw
Dell has released a security update for Unity OS version 5.4 and earlier, addressing a set of critical The post CVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw appeared...
View ArticleCrushFTP Hacked: Exploit CVE-2025-2825 with PoC and Nuclei Template
ProjectDiscovery has published a technical breakdown of CVE-2025-2825, a critical authentication bypass flaw in CrushFTP—a widely used enterprise-grade The post CrushFTP Hacked: Exploit CVE-2025-2825...
View ArticleFake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit...
In a meticulously orchestrated cyberattack, a threat actor leveraged a malicious Zoom download to infiltrate a corporate environment, The post Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends...
View ArticleCanon Fixes Critical Printer Driver Flaw: CVE-2025-1268 Alert
Canon has issued a security notice regarding a critical vulnerability found in certain printer drivers for its production The post Canon Fixes Critical Printer Driver Flaw: CVE-2025-1268 Alert appeared...
View ArticleMassive X (Twitter) Data Leak Exposes Over 200 Million User Records
Safety Detectives’ Cybersecurity Team has uncovered a significant data leak allegedly containing over 200 million user records from The post Massive X (Twitter) Data Leak Exposes Over 200 Million User...
View ArticleAndroid Under Attack: Crocodilus Trojan Captures OTPs from Google Authenticator
The mobile threat landscape is constantly evolving, with new and sophisticated malware strains emerging to target vulnerable Android The post Android Under Attack: Crocodilus Trojan Captures OTPs from...
View ArticleBulletproof Hosting Fuels Russia-Linked Intrusion Sets’ Global Cyber Campaign
A recent report by Intrinsec has uncovered the activities of Russia-aligned intrusion sets, UAC-0050 and UAC-0006, which have The post Bulletproof Hosting Fuels Russia-Linked Intrusion Sets’ Global...
View ArticleKonni RAT Resurfaces: North Korean Espionage Malware Evolves with Stealth and...
Cyfirma’s recent analysis sheds light on Konni RAT, a sophisticated Remote Access Trojan (RAT) targeting Windows systems. This The post Konni RAT Resurfaces: North Korean Espionage Malware Evolves with...
View ArticleKNIME Business Hub Hit by Critical Bugs, Including Hard-Coded Password and...
A recent security advisory from KNIME details several vulnerabilities affecting the KNIME Business Hub, a customer-managed KNIME Hub The post KNIME Business Hub Hit by Critical Bugs, Including...
View ArticleKoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell...
eSentire’s Threat Response Unit (TRU) has detected an intrusion attempt involving a new version of KoiLoader, a malware The post KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and...
View ArticleCVE-2025-1449 (CVSS 9.1): Vulnerability in Verve Asset Manager Allows Admin...
Rockwell Automation has released a security advisory addressing a vulnerability in Verve Asset Manager. The advisory details a The post CVE-2025-1449 (CVSS 9.1): Vulnerability in Verve Asset Manager...
View ArticleMorphing Meerkat’s Phishing Tactics: Abusing DNS MX Records
A recent report has uncovered a sophisticated phishing operation that uses DNS techniques to tailor content to victims. The post Morphing Meerkat’s Phishing Tactics: Abusing DNS MX Records appeared...
View ArticleBrowser Cache Smuggling 2.0: How Attackers Weaponize the Web to Deliver...
More than a year after first revealing a novel method for delivering malware via browser cache, researchers at The post Browser Cache Smuggling 2.0: How Attackers Weaponize the Web to Deliver Stealthy...
View ArticleEarth Alux APT Group: Unveiling Its Espionage Toolkit
Researchers at Trend Micro detail a highly sophisticated cyber-espionage group actively targeting the Asia-Pacific and Latin American regions. The post Earth Alux APT Group: Unveiling Its Espionage...
View ArticleCISA Warns of Active Exploitation of Cisco Smart Licensing Utility Flaw
In a critical update to its Known Exploited Vulnerabilities (KEV) Catalog, the Cybersecurity and Infrastructure Security Agency (CISA) The post CISA Warns of Active Exploitation of Cisco Smart...
View ArticleApple Backports Fixes for Three Actively Exploited Zero-Days Targeting Older...
Apple has released backported security patches for older versions of iOS, iPadOS, and macOS, addressing three zero-day vulnerabilities The post Apple Backports Fixes for Three Actively Exploited...
View ArticleCVE-2025-27095: Token Theft Flaw in JumpServer Exposes Kubernetes Clusters to...
A new vulnerability in JumpServer (CVE-2025-27095) has been disclosed, exposing Kubernetes clusters to potential compromise through token leakage. The post CVE-2025-27095: Token Theft Flaw in...
View ArticleVerizon Call Filter App Vulnerability Exposed Call Records of Millions
A security vulnerability in the Verizon Call Filter iOS app allowed attackers to potentially leak the call history The post Verizon Call Filter App Vulnerability Exposed Call Records of Millions...
View ArticleAmazon Eyes TikTok: Acquisition Race Heats Up
As the deadline imposed by the Trump administration for TikTok’s U.S. operations to resolve their future approaches, an The post Amazon Eyes TikTok: Acquisition Race Heats Up appeared first on Daily...
View Article